Merge pull request #249 from glennsarti/MODULES-8359-remove-xplat-winpowershell

(MODULES-8359) Remove non-Windows support for powershell provider

Author: michaeltlombardi

lib/puppet/provider/exec/powershell.rb

@@ -3,13 +3,13 @@
 require File.join(File.dirname(__FILE__), '../../../puppet_x/puppetlabs/powershell/powershell_manager')
 
 Puppet::Type.type(:exec).provide :powershell, :parent => Puppet::Provider::Exec do
+  confine :operatingsystem => :windows
+
   commands :powershell =>
     if File.exists?("#{ENV['SYSTEMROOT']}\\sysnative\\WindowsPowershell\\v1.0\\powershell.exe")
       "#{ENV['SYSTEMROOT']}\\sysnative\\WindowsPowershell\\v1.0\\powershell.exe"
     elsif File.exists?("#{ENV['SYSTEMROOT']}\\system32\\WindowsPowershell\\v1.0\\powershell.exe")
       "#{ENV['SYSTEMROOT']}\\system32\\WindowsPowershell\\v1.0\\powershell.exe"
-    elsif !Puppet::Util::Platform.windows?
-      'pwsh'
     else
       'powershell.exe'
     end
@@ -68,33 +68,21 @@ def ps_manager
   end
 
   def run(command, check = false)
-    if Puppet::Util::Platform.windows?
-      if !PuppetX::PowerShell::PowerShellManager.supported?
-        self.class.upgrade_message
-        write_script(command) do |native_path|
-          # Ideally, we could keep a handle open on the temp file in this
-          # process (to prevent TOCTOU attacks), and execute powershell
-          # with -File <path>. But powershell complains that it can't open
-          # the file for exclusive access. If we close the handle, then an
-          # attacker could modify the file before we invoke powershell. So
-          # we redirect powershell's stdin to read from the file. Current
-          # versions of Windows use per-user temp directories with strong
-          # permissions, but I'd rather not make (poor) assumptions.
-          return super("cmd.exe /c \"\"#{native_path(command(:powershell))}\" #{legacy_args} -Command - < \"#{native_path}\"\"", check)
-        end
-      else
-        return ps_manager.execute_resource(command, resource)
-      end
-    else
+    if !PuppetX::PowerShell::PowerShellManager.supported?
+      self.class.upgrade_message
       write_script(command) do |native_path|
         # Ideally, we could keep a handle open on the temp file in this
         # process (to prevent TOCTOU attacks), and execute powershell
         # with -File <path>. But powershell complains that it can't open
         # the file for exclusive access. If we close the handle, then an
         # attacker could modify the file before we invoke powershell. So
-        # we redirect powershell's stdin to read from the file.
-        return super("sh -c \"#{native_path(command(:powershell))} #{posix_args} -Command - < #{native_path}\"", check)
+        # we redirect powershell's stdin to read from the file. Current
+        # versions of Windows use per-user temp directories with strong
+        # permissions, but I'd rather not make (poor) assumptions.
+        return super("cmd.exe /c \"\"#{native_path(command(:powershell))}\" #{legacy_args} -Command - < \"#{native_path}\"\"", check)
       end
+    else
+      return ps_manager.execute_resource(command, resource)
     end
   end
 
@@ -126,10 +114,4 @@ def native_path(path)
   def legacy_args
     '-NoProfile -NonInteractive -NoLogo -ExecutionPolicy Bypass'
   end
-
-  def posix_args
-    # Note - using -ExecutionPolicy causes PowerShell to abort
-    # https://github.com/PowerShell/PowerShell/issues/2742
-    '-NoProfile -NonInteractive -NoLogo'
-  end
 end